A Data-Over-Cable Service Interface Specification (DOCSIS) system, for example, can be used to deliver high-definition digital entertainment and telecommunications such as video, voice, and high-speed Internet to subscribers over an existing cable television network. The cable television network can take the form of an all-coax, all-fiber, or hybrid fiber/coax (HFC) network. A multiple service operator (MSO) can deliver these services to subscribers by using a cable modem termination system (CMTS) located at a headend and customer premise equipment (CPE) devices located at subscriber premises. The CPE devices can include, for example, cable modems (CMs) or embedded multimedia terminal adapters (eMTAs), set top boxes, gateway devices, among others.
Typically, to receive services over a cable network, a legitimate subscriber enters into a contract with a MSO in which the subscriber agrees to pay the MSO for a particular level of service based for example on bandwidth. The service can be delivered to the subscriber using an authorized CM, which is identified by a unique MAC address that is assigned to the CM during the manufacturing process.
Unfortunately, the MAC address of the authorized CM can be illegitimately obtained and copied to another CM (i.e., “cloned CM”) that is not authorized to access the MSO network. This process is typically described as modem cloning or MAC address cloning. The cloned CM can appear to the MSO network to be the original, authorized CM having the same MAC address. Consequently, the cloned CM can gain access to the MSO network and received services without the user of the cloned CM paying for the service.
This disclosure generally describes systems and methods for identifying cloned CMs and more generally cloned CPE devices and preventing the cloned CPE devices from receiving service over the MSO network. Although this disclosure makes reference to a DOCSIS-based system, this disclosure is not intended to be limited to a DOCSIS-based system.